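<?php
    // Admin-only page. The session and the authorization decision are handled
    // before any byte of output, because session_start() and header() can only
    // emit HTTP headers while the response body is still empty.
    session_start();

    // Strict comparison on purpose: with `==` a non-string session value such
    // as boolean true (or integer 0 on PHP 7) compares equal to "root".
    $autorizado = isset($_SESSION['id'], $_SESSION['vorname'], $_SESSION['name'])
        && $_SESSION['id'] === 'root';

    if (!$autorizado) {
        // Stop here so nothing below runs for an unauthenticated or
        // non-administrator request.
        header('Location: index.php');
        exit;
    }

    // Remember the requested table only for an authorized session. The value
    // is still untrusted input and must be validated before it reaches SQL
    // or HTML.
    if (isset($_POST['tabla']) && is_string($_POST['tabla'])) {
        $_SESSION['selected'] = $_POST['tabla'];
    }

    // Local copies of the session identity, kept for the rest of the page.
    $id = $_SESSION['id'];
    $vorname = $_SESSION['vorname'];
    $name = $_SESSION['name'];
?>
<!DOCTYPE HTML>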

<?php if(isset($_SESSION['id'], $_SESSION['vorname'], $_SESSION['name'])) : ?>
    <?php if ($_SESSION['id']=="root") : ?> 
<html>

<head>
<meta http-equiv="Content-type" content="text/html;charset=UTF-8">
<link href='./images/favicon.ico' rel='shortcut icon' type='image/png'>
<link rel="stylesheet" type="text/css" href="./css/index.css">
<title>Table Data</title>

<script>
/**
 * Show a blocking notice naming the row id that is about to be deleted.
 * Only displays the message; it does not confirm or cancel anything.
 */
function DeleteRow(fila) {
    var aviso = "You are going to delete row id = " + fila;
    window.alert(aviso);
}

/**
 * Reveal the hidden "add row" table and its two warning paragraphs.
 */
function MakeVisible() {
    var ids = ['Nueva_Linea', 'Warn1', 'Warn2'];
    for (var k = 0; k < ids.length; k++) {
        document.getElementById(ids[k]).style.visibility = "visible";
    }
}
</script>

</head>


<body id="fondo">
<div id="cuerpo">
<fieldset style="width: 1000px; color: #FFF;">
    <?php /* Shared page header, included into this script's variable scope. */ include 'header.php'; ?>

<p>Warning: Be careful when removing data. You are responsible.</p>
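<?php
// Render the selected table for the administrator: a header row built from
// DESCRIBE, one HTML row per record, and a per-row delete form that posts to
// borrar.php.

// The table name comes from the request (or from the value saved in the
// session) and is untrusted until it has been matched against the real
// table list below.
$selected = '';
if (isset($_POST['tabla']) && is_string($_POST['tabla'])) {
    $selected = $_POST['tabla'];
} elseif (isset($_SESSION['selected']) && is_string($_SESSION['selected'])) {
    $selected = $_SESSION['selected'];
}

// NOTE(review): this connects as the MySQL root account with an empty
// password. A dedicated account limited to web_db, with credentials kept
// outside the web root, would contain the damage of any flaw on this page.
$link = mysqli_connect('localhost', 'root', '');

if (!$link || mysqli_connect_errno()) {
        echo 'No se pudo conectar a mysql';
        exit;
}

if (!mysqli_query($link, "USE web_db")) {
    echo "Error de BD, no se ha podido seleccionar la base de datos\n";
    exit;
}

// Allow-list: accept $selected only if it is exactly the name of a table in
// the database. Identifiers cannot be bound as prepared-statement parameters,
// so this check is what keeps the request value from changing the SQL text.
// The exact match also guarantees that the 'staff' masking further down is
// applied to the name the database was actually asked for.
$tablas = [];
$resultado = mysqli_query($link, 'SHOW TABLES');
if ($resultado) {
    while ($t = mysqli_fetch_row($resultado)) {
        $tablas[] = $t[0];
    }
    mysqli_free_result($resultado);
}

if (!in_array($selected, $tablas, true)) {
    echo "Error de BD, tabla no permitida\n";
    exit;
}

// Quote the (now validated) identifier; doubling backticks covers table
// names that legitimately contain one.
$tabla_sql = '`' . str_replace('`', '``', $selected) . '`';
// HTML-safe form of the table name for use inside attribute values.
$selected_html = htmlspecialchars($selected, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

$resultado = mysqli_query($link, "DESCRIBE $tabla_sql");

// Number of columns; also read by the "add row" form later in the page.
$columna=0;

if (!$resultado) {
    echo "Error de BD, no se han podido listar los atributos\n";
    // The original read $mysqli->error, but no $mysqli object exists in this
    // file; the procedural handle is $link.
    printf("Errormessage: %s\n", htmlspecialchars(mysqli_error($link), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
    exit;
}

echo "<table border='1' cellspacing=1 cellpadding=2 style='font-size: 8pt'>";
echo "<tr>";

// Header row: the first field of each DESCRIBE row is the column name.
while ($celda = mysqli_fetch_row($resultado)) {
    $columna+=1;
    echo "<td><b>" . htmlspecialchars((string) $celda[0], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</b></td>";
}
echo "</tr>";

$resultado = mysqli_query($link, "SELECT * FROM $tabla_sql");

if (!$resultado) {
    echo "Error de BD, no se han podido listar los datos\n";
    printf("Errormessage: %s\n", htmlspecialchars(mysqli_error($link), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
    exit;
}

// One iteration per record of the chosen table.
while ($fila = mysqli_fetch_row($resultado)) {
    echo "<tr>";
    // Fill in one cell per column of the current record.
    for ($i=0;$i<$columna;$i++) {
        echo "<td>";
        if ($selected === 'staff' && $i === 1) {
            // The second column of 'staff' is never shown
            // (presumably the credential column - confirm against the schema).
            echo "***";
        } else {
            // Stored values are data, not markup: escape them so a record
            // containing HTML cannot run script in the administrator's browser.
            // The cast keeps NULL columns from reaching htmlspecialchars().
            echo htmlspecialchars((string) $fila[$i], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        }

        echo "</td>";
    }
    // NOTE(review): the delete form carries no anti-CSRF token; borrar.php
    // has to verify one and re-validate both posted fields on its side.
    $erase_id_html = htmlspecialchars((string) $fila[0], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo "<td><form name='borrar' method='POST' action='borrar.php'>".
        "<input type='hidden' name='erase_id' value='$erase_id_html' />".
        "<input type='hidden' name='selected' value='$selected_html'/>".
        "<input type='submit' value='Delete'/> </form></td>";
    // Row finished.
    echo "</tr>";
}
echo "</table>";
echo "<p>Add <IMG onclick='MakeVisible()' name='anade' SRC='./images/add.png'></p>";


?>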
<form name='anadir' method='POST' action='anadir.php'>
<table style="visibility:hidden" id='Nueva_Linea' border='1' cellspacing=1 cellpadding=2 style='font-size: 8pt'>
<tr>
    <?php
    // One empty text input per column of the listed table; the fields are
    // named campo0, campo1, ... in column order.
    $i = 0;
    while ($i < $columna) {
        echo "<td>" . "<input type='text' name='campo" . $i . "' size='4'></input>" . "</td>";
        $i++;
    }?>
    <td>
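        <input type="hidden" name="selected" value="<?php /* $selected originates from the request or session: escape it for the attribute context */ echo htmlspecialchars((string) $selected, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" />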
        <input type="submit" value='Ok'></input>
    </td>
</tr>
<tr>
    <p style="visibility:hidden" id='Warn1'>There are no restrictions (other than the database itself) for administrators. </p>
    <p style="visibility:hidden" id='Warn2'>Be careful adding new data to the database. It's your responsibility.</p>
</tr>
</table>
</form>

<?php /* Shared page footer, included into this script's variable scope. */ include 'footer.php'; ?>
</div>
</fieldset>
</div>
</body>
<?php else : 
    header("location:index.php");?>
<?php endif; ?>
<?php else : 
    header("location:index.php");?>
<?php endif; ?>
